Pierluigi Paganini January 10, 2014

IT administrator at Monju Nuclear Power Plant discovered that a malware-based attack infected a system in the reactor control room.

On January 2nd one of the eight computers in the control room at Monju Nuclear Power Plant was compromised. An IT administrator has discovered that the system in the reactor control room had been accessed over 30 times in the last five days after an employee updated a free application on one of the machines in the plant.

First information available on the incident confirms that more than 42,000 e-mails and staff training reports were available on the compromised system at the nuclear power plant.

Security experts that investigate on the incident concluded that it is a malware-based attack, a possible vector of the infection could be a software update on the compromised machine, the malicious code has stolen some data sending it to a Command & Control server located in South Korea according tp the network logs on out-bound traffic.

In November, Japan’s Nuclear Regulation Authority informed the Japan Atomic Energy Agency that anti-terrorism measures adopted  at the Monju Nuclear Power Plant were not adequate.  According to the Regulation Authority, the Japan Atomic Energy Agency is violating security guidelines and is not adopting best practices to ensure the protection of nuclear materials from terrorists and other attacks, including cyber offensives.

The recent incident to the Japan Atomic Energy Agency is not an isolated event, in November of 2012 a computer at the JAEA headquarters at Tokaimura was also infected by a malware.

The Japan Atomic Energy Agency has informed that it is still investigating on the attack, it is fundamental to discover the exact infection process and the nature and volume of the data stolen during the network intrusion.

Nuclear power plants are critical infrastructure, their security is one of the main concerns for every government, consider also that protection of critical systems is a shared responsibility. An incident to a nuclear facility could have a significant environmental impact that affects the overall ecosystem of the planet.

Security of critical infrastructure is a shared goal that could be achieved with a joint effort of governments, private entities and thr population itself. Security awareness, adoption of security best practices, implementation of proper security solutions and sharing of information on incidents are fundamental principles to reach a good compromise between security and cost to sustain to ensure the protection of infrastructures.

Security is a must!

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –  Monju Nuclear Power Plant, malware)